EP3161705B1 - Composite document referenced resources - Google Patents
- Publication number
- EP3161705B1 (EP14896681.5A)
- Authority
- EP
- European Patent Office
- Prior art keywords
- referenced resource
- resource location
- key
- content
- referenced
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Definitions
- digital documents have become a commonly accepted alternative to printing documents, both for purposes of efficiency and for environmental purposes.
- Examples of digital documents that may be created, distributed, or otherwise exchanged include, for instance, electronic word processing documents, electronic spreadsheets, electronic presentations, electronic drawings, portable document format (PDF) files, and web pages, e.g., HTML, CSS, or other web format files.
- Digital documents may range in file size from a small number of bytes to a large number of terabytes or more.
- Composite documents have become a mixture, or a composite, of separate parts created in differing file formats. Different parts may be combined together through various serialization mechanisms such as a Java jar-archive, or an HP DLF file.
- a composite document is a business proposal document including product images as JPEG files, a marketing video clip as a MOV file, a PowerPoint presentation as a PPT file, and a financial details spreadsheet as an XLS file.
- Composite documents may be presented to a user through specialized software as a single editable, browsable, searchable, approvable, or usable document.
- a composite document may be a document having a set of individual accessible content parts
- a mechanism for providing and enforcing differential access control for publicly-posted composite documents is proposed by Helen Y. Balinsky et al; "Differential access for publicly-posted composite documents with multiple workflow participants", Document Engineering, ACM, 2 Penn Plaza, Suite 701, New York, NY 10121-0701, USA, 21 September 2010 (2010-09-21), pages 115-124, XP058130915.
- a composite document, an authoring environment, a secure content manager, and a method for accessing one or more secure content-parts of a composite document with referenced locations, i.e., referenced resources, are disclosed.
- the systems and methods disclosed herein generally enable a composite document to be created, accessed, loaded, and/or edited with one or more content-parts of the composite document stored in referenced locations instead of embedded into the composite document.
- a composite document may comprise one or more referenced locations as a uniform resource identifier ("URI"), uniform resource locator ("URL"), file path, or other pointer to data external to the composite document, i.e., not embedded into the composite document.
- other content-parts of the composite document may be embedded into the composite document.
- a content-part may be both stored as a referenced resource and embedded. In such cases, the most recent version of a content-part may be used when accessed by a participant.
- a composite document may comprise a digital document that contains content-parts that have been encrypted and signed to substantially prevent unauthorized access to the content-parts.
- the content-parts may comprise a variety of individually addressable and accessible parts in the form of separate files or addressable file fragments.
- the units may include individual files, groups of files, or file fragments including, e.g., HTML tags, XML nodes and elements, word processing pages, spreadsheet cells, presentation slides, an electronic object containing drawings, an electronic object having video capabilities, etc., and/or combinations of different types of file parts.
- a composite document may be a folder, container, grouping, or other data structure.
- a composite document may be publicly-posted, e.g., at a public location or on a public server, or with a public level of access.
- a composite document may be on a public server but not be publicly accessible, or vice versa.
- a composite document may be used, e.g., privately or internally within an enterprise, and/or in mixed workflows (inter or intra-organization).
- Referenced locations such as a URI within a composite document may eliminate redundant downloads and uploads, reducing overall traffic and improving propagation of a composite document along a workflow. Referenced locations may also restrict unnecessary downloads of content-parts for which a particular workflow participant (or "participant" or "user") does not have read access, or in the case where a participant does not have a device that qualifies for access to a content-part, such as a device incapable of accessing a particular file type such as a multimedia file. Referenced locations may also provide immediate access to some elements of a composite document, i.e., a Table of Contents, while downloading other content-parts successively or at a later time, e.g., when needed or when requested.
- Referenced locations may also allow for editing of content-parts amongst workflow participants without the exchange of, e.g., embedded content-parts. Referenced locations may also allow for versioning, or version-dependent access, where the policy permits access to a certain version for a particular workflow participant, e.g., a beta document for an employee or developer, while a stable version is accessed by an end-user.
- various attributes may be used to determine if a referenced location is downloaded immediately upon access to the composite document or, e.g., only when a participant requests access to the particular content-part.
- attributes may relate to, for example, a loading preference (e.g., "lazy loading" or "eager loading"); whether a participant has read and/or write access; device qualifications, e.g., whether a participant's device is capable of downloading a particular content-part stored in a referenced location.
- a determination on the bandwidth qualifications, e.g., whether a participant's network connection is capable of downloading a particular content-part stored in a referenced location, is used.
- FIG. 1 illustrates a simplified block diagram of a digital document workflow, according to an example of the present disclosure. It should be understood that the diagram depicted in FIG. 1 represents a generalized illustration and that other components may be added, or existing components may be removed, modified, or rearranged without departing from the overall scope of the digital document workflow.
- the digital document workflow, in an example, includes a digital document 102, an authoring environment 106, a composite document 108, participants 120a-n, and referenced locations 118a-n.
- Referenced locations 118a-n are depicted as URIs, but as mentioned previously, may be a URI, a file path, or other pointer to data external to the composite document, i.e., data not embedded into the composite document.
- Composite document 108 contains secure content-parts 110a-n and encrypted key-map entries in a key map table 112.
- secure is intended to denote that the content-parts 110a-n and the key-map entries in the key map table 112 are encrypted and/or signed.
- the key map table 112 may comprise one or more rows for each resource, e.g., each content-part.
- key map table 112 may include rows for a content-part that is embedded, referenced, and embedded and/or referenced.
- a type field may be used in key map table 112 to define whether a particular row relates to a content-part that is embedded or referenced, and permissions may indicate the read, write, or modify access level for a particular content-part. Permissions or access controls may be expressed in key map table 112.
- Key map table 112 may include fields such as a user ID, a part ID, a type, a signature verification key, a decryption key, an encryption key, and/or a signature key.
- Key map table 112 represents permissions that allow a participant with read-only access to read a URI and retrieve a content-part; allow a participant with read/write access to a URI to modify a URI to place a content-part into a new location; allow a participant with read/write access to a content-part only to modify a content-part but not a URI; allow a participant with read/write access to a URI only to modify a URI but not a content-part; allow a participant with read/write access to a URI to export a referenced resource; or allow a participant with read/write access to a URI to convert a referenced resource into an embedded content-part.
- Content-parts 104a-n may represent individually addressable or separable elements within digital document 102.
- content-parts 104a-n may be lines, paragraphs, text boxes, cells, rows, columns, graphics, or other objects such as a fillable text field or signature box.
- the content-parts 104a-n may also be extended to the byte level, for instance, as different elements of the same file.
- the content-parts 104a-n may comprise logical aggregations of parts from multiple digital documents.
- Each of content-parts 104a-n may be stored within the digital document 102 or on, e.g., a computer, server, web server, storage device, cloud service, or other device or service external to the digital document 102.
- authoring environment 106 may package, encrypt, and sign the content-parts 104a-n of digital document 102 such that participants 120a-n are unable to access the resulting secure content-parts 110a-n (in master form) unless the participants 120a-n have the appropriate keys to access the secure content-parts 110a-n (in distribution form). More specifically, authoring environment 106 may generate, or derive, needed encryption and signature keys to encrypt and sign the content-parts 104a-n into secure content-parts 110a-n. Moreover, in an example, participants 120a-n may be required to use different sets of keys to read and/or write to composite document 108.
- authoring environment 106 creates or generates referenced locations, e.g., URIs, for content-parts 110a-n that are, or will be, stored external to composite document 108 instead of embedded.
- Authoring environment 106 may also allow for the creation or editing of attributes associated with a particular referenced location for a content-part, such as loading attributes, and may embed such attributes into the composite document 108.
- Loading attributes such as whether or not to immediately display a content-part, may be stored, e.g., in the composite document, or external to the composite document.
- Referenced locations e.g., a URI such as URIs 118a-n
- a content-parts 110a-n table may comprise a part ID, a part name, a referenced location such as a URI (or the embedded data, if not a referenced resource), and at least one signature.
- Composite document 108 comprises encrypted key-map entries in a key map table 112. Access, including read/write permissions, to secure content-parts 110a-n by participants 120a-n may be controlled through distribution of various sets of keys contained in respective key-map entries in key map table 112 for the participants. More particularly, a subset of the entries may be contained in key-map entries within a composite document, with at least one key-map entry for each participant.
- Data stored in entry table 114 and signatures 116 may comprise additional information needed to decrypt, encrypt, verify, or otherwise authenticate secure content-parts of composite document 108.
- the various secure content-parts may be combined together through various serialization mechanisms, such as a Java jar-archive, an HP DLF file, or other file types.
- Participants 120a-n may represent computing devices through which participants 120a-n receive or initially access a composite document 108. When granted sufficient access, participants 120a-n may also view, edit, copy, print, and/or acknowledge receipt of a composite document 108.
- the computing devices may comprise, for instance, personal computers, desktop computers, laptop computers, tablet computers, personal digital assistants, cellular telephones, smartphones, retail points of sale, workstations, gaming devices, scientific instruments, and consumer electronic devices.
- Composite document 108 may be supplied to and among the participants 120a-n through, for instance, e-mail, a shared server, direct file transfer, removable storage medium, or cloud service, etc.
- Referenced locations, e.g., URIs 118a-n may be accessed directly by the composite document 108, or may be accessed via a secure content manager, e.g., the secure content manager 220 of FIG. 2 discussed in more detail below.
- FIG. 2 illustrates a simplified block diagram of a digital document system including an authoring environment, a secure content manager, and referenced content-parts, according to an example of the present disclosure.
- FIG. 2 represents generalized illustrations and that other components may be added, or existing components removed, modified, or rearranged, without departing from the scope of the systems of FIG. 2.
- authoring environment 106 may include, in an example, a user interface module 210, a document serialization module 212, an encryption module 214, a signing module 216, and a key generation module 218.
- the modules may support a user interface, serializing content-parts of a composite document into a composite document, encrypting content-parts or an entire composite document, signing content-parts or an entire composite document, and generating keys for use in a composite document.
- Secure content manager 220 allows participants 120a-n to access secure content-parts of a composite document 108.
- secure content manager 220 may comprise or include a front-end software tool or graphical user interface ("GUI") for accessing a composite document 108.
- Secure content manager 220 receives a composite document 108 through the workflow of participants 120a-n. It will be understood that secure content manager 220 may be positioned between any of the participants 120a-n in the workflow as well as between multiple participants 120a-n.
- secure content manager 220 may receive composite document 108 more than once during a workflow, as is the case for participants 120a-n. In contrast to participants 120a-n, however, the secure content manager 220 need not read or edit the secure content-parts 110a-n of the composite document 108.
- Secure content manager 220 may authenticate a participant; establish a corresponding trusted public key for a participant; function as a document security and safety checkpoint; back up the composite document 108 at various points along the workflow; timestamp the composite document 108 at various points along the workflow; scan a part of the composite document 108 that is exclusively accessible by the secure content manager 220 to determine if composite document 108 is in compliance with the security compliance rules; and perform other functions between authoring environment 106, participants 120a-n, and referenced location servers 118a-n.
- secure content manager 220 may also access or read attributes relating to whether location references are to be created or, once created, whether they are to be accessed or loaded. In various examples, different attributes may be assigned for each participant 120a-n, for different groups of participants, or for all workflow participants. Attributes can be joined by OR/AND operators, or may default to an AND operator. Secure content manager 220 may also access key map table 112 to determine read/write access or permission levels for a particular participant or content-part.
- Secure content manager 220 may include, in an example, a user interface module 222, a document read/write module 224, an encryption/decryption module 226, a document supplying module 228, a key access module 230, and a signature/verification module 232.
- the modules may support a user interface, reading and writing or re-writing content-parts of a composite document into a composite document after editing, encrypting and decrypting content-parts or an entire composite document, supplying or presenting content-parts or an entire composite document, accessing keys for use in a composite document, and/or signing or verifying.
- Referenced location servers 118a-n may include any content-parts referenced in a composite document 108.
- referenced location server 118a may be a web server, shared storage, a sharing service, or online cloud storage for storing a document
- referenced location server 118b may be a media server storing a movie file.
- referenced location server 118c may store Flash content which may, or may not, be playable on a particular participant device, as discussed below in more detail. It will be understood that the referenced location servers 118a-n may comprise disk storage systems or arrays, or other storage, functioning as data servers.
- the authoring environment 106, secure content manager 220, and referenced locations servers 118a-n may be implemented and/or executed by a respective processor or processors 202, which may be coupled to one or more memories 204, input apparatus 206, and input/output interfaces 208.
- authoring environment 106 may comprise an integrated and/or add-on hardware device of a computing device comprising a processor 202.
- the secure content manager 220 may comprise a computer readable storage device upon which machine readable instructions for each of the modules 222-232 are stored and executed by a processor 202, which may be coupled to a memory 204.
- referenced location servers 118a-n may comprise a hard disk or solid state disk, or volatile and/or non-volatile memory, such as DRAM, EEPROM, MRAM, phase change RAM (PCRAM), Memristor, and flash memory, etc.
- the authoring environment 106, secure content manager 220, and referenced location servers 118a-n may communicate directly with each other, or through input/output interfaces, e.g., interfaces 208, through the use of tokens or keys, or other means of digital communication.
- FIG. 3 illustrates a flow diagram of a method for storing content-parts for a composite document, according to an example of the present disclosure.
- a new content part e.g., content part 104a-n
- new keys are created for the content part by, e.g., secure content manager 220.
- the content part is encrypted and signed by, e.g., secure content manager 220, using, e.g., a part-specific key.
- secure content manager 220 can store the content part within the composite document 108 by, e.g., embedding it into composite document 108, or secure content manager 220 can store the content-part externally, e.g., on a server or other location, and store only a referenced location to the resource in composite document 108.
- the decision of block 308 may be based on known attributes of either composite document 108 or attributes related to any of workflow participants 120a-n.
- the storage may be suspended, e.g., secure content manager 220 may store the content-part locally in a temporary location. In such a case, flow may return to block 308 when sufficient information is available to determine where to store a new content part.
- flow may proceed to either block 314, where content-parts are stored external to composite document 108, or to block 322, where content-parts are embedded in composite document 108.
- a URI location is determined.
- a location may be determined based on attributes such as locations that are accessible to all workflow participants requiring access to a particular content-part. For example, it may be determined that storing a content part in London is a suitable location for workflow participants determined to be located throughout Europe. In another example, content-parts that only need to be accessed within a business organization may be at an internal URI.
- the URI of the determined location is encrypted and signed.
- the URI may be a uniform resource locator of a particular website including a prefix, a website name, and a top-level domain, and/or a file path with or without variables such as a username, password, or unique identifier, etc. within the string.
- the table of content-parts 110a-n is then updated in block 318 with a part ID, a part name, the URI, and at least one signature, e.g., the URI signature and the part signature.
- the encrypted content-part is then stored in the reference location, e.g., at URI location 118a-n.
- the content-part may not be encrypted, e.g., when a particular content-part is not confidential.
- the content-part is embedded along with a signature for the content part.
- the table of content-parts 110a-n is updated with a part ID, a part name, the embedded data, and at least one signature.
- FIG. 4 illustrates a flow diagram of a method for accessing content-parts of a composite document, according to an example of the present disclosure.
- a composite document 108 is received or accessed by, e.g., secure content manager 220 following, e.g., a request from a workflow participant.
- flow continues to block 412 where a determination is made as to whether the content-part associated with the URI is to be immediately displayed or transmitted to the workflow participant. If the content-part associated with the URI is not to be immediately displayed, e.g., if the workflow participant will access the content-part associated with the URI at a later time, flow returns to block 408.
- defaults may be set for a particular device. For example, a participant's mobile device may be set to not display any content-parts by default, or to not display certain file types, e.g., multimedia clips, immediately.
- a determination as to whether a referenced content-part is to be immediately displayed may be based on an attribute, such as composite document or workflow participant attributes, e.g., detailed read/write/access permissions, available bandwidth, or device settings or capabilities.
- secure content manager 220, in an example, downloads only the referenced location content-parts necessary for a particular participant 120a-n.
- Such an attribute may be deemed either "lazy loading" and/or "eager loading" in some examples to, e.g., optimize bandwidth usage and efficiency.
- Such efficiencies may be particularly critical in a mobile environment, and/or when a composite document contains both text and heavy use of multimedia.
- a determination may be made as to whether a device of a workflow participant is configured to receive, process, display, execute, or "play" a particular content-part.
- the secure content manager 220 may determine if the participant device 120a-n is capable of playing Flash movies. If not, the reference may not be accessed, downloaded, or loaded.
- the content-part associated with a URI is retrieved or fetched from the URI in block 414 and displayed in block 416.
- the content-part is decrypted after being fetched.
- the URI itself may be a referenced location, reflector mechanism, automatic redirect, or other referral mechanism, such that the URI location fetches content from other sources and returns the fetched content to secure content manager 220.
- a participant's key map table is checked to determine if a participant has write access to either the content-part, the URI, or both. If so, a participant may edit the content part, the URI, or both in block 424.
- a participant with write access to a URI may convert an embedded content-part into a referenced resource, e.g., using the process for creating a referenced resource discussed above.
- a participant with write access may convert a referenced resource into an embedded content-part by deleting a URI and embedding the content-part accordingly.
- a participant with write access to a URI may modify a URI with a new referenced resource location, moving the content-part to the new referenced resource location. In cases where the participant does not have write access, flow may proceed to block 426.
- flow continues to block 420 where a determination is made as to whether the content-part is to be immediately displayed or transmitted to the workflow participant. If the content-part is not to be immediately displayed, e.g., if the workflow participant will access the content-part at a later time, flow returns to block 408. In the event that the content-part is to be immediately displayed, the content-part is displayed in block 416.
- a determination as to whether an embedded content-part is to be immediately displayed may be based on an attribute, such as composite document or workflow participant attributes.
- secure content manager 220, in an example, opens only the referenced location content-parts necessary for a particular participant 120a-n.
- flow may proceed to block 422 for editing if a participant has write access.
- FIG. 5 illustrates a schematic representation of a computing device that may be used as a platform for implementing or executing at least one of the processes depicted in FIGS. 3 and 4, according to examples of the present disclosure.
- Some or all of the operations set forth in the figures may be contained as a utility, program, or subprogram, in any desired computer readable storage medium.
- the operations may be embodied by machine-readable instructions.
- they may exist as machine-readable instructions in source code, object code, executable code, or other formats. Any of the above may be embodied on a computer readable storage medium, which includes storage devices.
- Examples of computer readable storage media include conventional computer system RAM, ROM, EPROM, EEPROM, and magnetic or optical disks or tapes. Concrete examples of the foregoing include distribution of the programs on a CD ROM or via Internet download. It is therefore to be understood that any electronic device capable of executing the above-described functions may perform those functions enumerated above.
- Computing device 500 may represent a computing device that comprises authoring environment 106, secure content manager 222, and/or referenced location servers 118a-n.
- the device 500 may include a processor 502 such as a central processing unit; a display device 504, such as a monitor or other digital display; a network interface 506, such as a Local Area Network LAN card, a wireless 802.11x LAN card, a 3G or 4G mobile WAN or a WiMax WAN card; and a computer-readable medium 508.
- Each of these components may be operatively coupled to a bus 510.
- the bus 510 may be an EISA, a PCI, a USB, a FireWire, a NuBus, or a PDS.
- the computer readable medium 508 may be any suitable medium that participates in providing instructions to the processor(s) 502 for execution.
- the computer readable medium 508 may be non-volatile media, such as an optical or a magnetic disk, or volatile media, such as memory. Transmission media can also take the form of acoustic, light, or radio frequency waves.
- the computer readable medium 508 may also store other machine-readable instructions.
- the computer-readable medium 508 may also store an operating system 512, such as Microsoft Windows, Mac OS, Unix, or Linux; network applications 514; and an access management application 516 such as secure content manager 220.
- the operating system 512 may be multi-user, multiprocessing, multitasking, multithreading, real-time, and the like.
- the operating system 512 may also perform basic tasks, such as recognizing input from input devices, such as a keyboard or a keypad; sending output to the display 504; keeping track of files and directories on medium 508; controlling peripheral devices, such as drives, printers, or image capture devices; and managing traffic on the bus 510.
- the network applications 514 may include various components for establishing and maintaining network connections, such as machine readable instructions for implementing communication protocols including TCP/IP, HTTP, Ethernet, USB, and FireWire.
- the authoring environment 106, secure content manager 220, and/or referenced location servers 110a-n provide various machine readable instructions for managing access to secure content, as described above.
- some or all of the processes performed may be integrated into the operating system 512.
- the processes may be at least partially implemented in digital electronic circuitry, in computer hardware, in machine readable instructions (such as firmware and/or software), or in any combination thereof.
Description
- The creation, distribution, and exchange of digital documents has become a commonly accepted alternative to printing documents, both for purposes of efficiency and for environmental purposes. Examples of digital documents that may be created, distributed, or otherwise exchanged include, for instance, electronic word processing documents, electronic spreadsheets, electronic presentations, electronic drawings, portable document format (PDF) files, and web pages, e.g., HTML, CSS, or other web format files. Digital documents may range in file size from a small number of bytes to a large number of terabytes or more.
- Many digital documents have become a mixture, or a composite, of separate parts created in differing file formats. Different parts may be combined together through various serialization mechanisms such as a Java jar-archive, or an HP DLF file. One example of a composite document is a business proposal document including product images as JPEG files, a marketing video clip as a MOV file, a PowerPoint presentation as a PPT file, and a financial details spreadsheet as an XLS file. Composite documents may be presented to a user through specialized software as a single editable, browsable, searchable, approvable, or usable document.
- A discussion on web distributed authoring and versioning is provided by Kim S et al.: "Architecture and data model of a webdav-based collaborative system", Proceedings of the 2004 International Symposium on collaborative technologies and systems, CTS 2004: January 18-23, 2004, Catamaran Resort hotel, San Diego, California, USA; Simulation series; 36, January 18, 2004, pages 48-55, XP002683618.
- US 2012/0185701 A1 discloses a method for document security. A composite document may be a document having a set of individual accessible content parts,
- A new access-style type for message/external-body MIME parts for uniform resource locators (URLs) is disclosed in N. Freed (Innosoft International), K. Moore (University of Tennessee), A. Cargille et al.: "Definition of the URL MIME external-body access-type; rfc2017.txt", Internet Engineering Task Force, IETF; Standard, Internet Society (ISOC), 4 Rue des Falaises, CH-1205 Geneva, Switzerland, 1 October 1996.
- A mechanism for providing and enforcing differential access control for publicly-posted composite documents is proposed by Helen Y. Balinsky et al.: "Differential access for publicly-posted composite documents with multiple workflow participants", Document Engineering, ACM, 2 Penn Plaza, Suite 701, New York, NY 10121-0701, USA, 21 September 2010 (2010-09-21), pages 115-124, XP058130915.
- FIG. 1 illustrates a simplified block diagram of a digital document workflow, according to an example of the present disclosure;
- FIG. 2 illustrates a simplified block diagram of a digital document system including an authoring environment, a secure content manager, and referenced resource or content-parts;
- FIG. 3 illustrates a flow diagram of a method for storing content-parts for a composite document, according to an example of the present disclosure;
- FIG. 4 illustrates a flow diagram of a method for accessing content-parts of a composite document, according to an example of the present disclosure; and
- FIG. 5 illustrates a schematic representation of a computing device that may be used as a platform for implementing or executing at least one of the processes depicted in FIGS. 3 and 4, according to an example of the present disclosure.
- In an example, a composite document, an authoring environment, a secure content manager, and a method for accessing one or more secure content-parts of a composite document with referenced locations, i.e., referenced resources, are disclosed.
- More specifically, in some examples, the systems and methods disclosed herein generally enable a composite document to be created, accessed, loaded, and/or edited with one or more content-parts of the composite document stored in referenced locations instead of embedded into the composite document. For example, a composite document may comprise one or more referenced locations as a uniform resource identifier ("URI"), uniform resource locator ("URL"), file path, or other pointer to data external to the composite document, i.e., not embedded into the composite document. In some examples, in addition to referenced resources, other content-parts of the composite document may be embedded into the composite document. In other examples, a content-part may be both stored as a referenced resource and embedded. In such cases, the most recent version of a content-part may be used when accessed by a participant.
- As used throughout the present disclosure, a composite document may comprise a digital document that contains content-parts that have been encrypted and signed to substantially prevent unauthorized access to the content-parts. The content-parts may comprise a variety of individually addressable and accessible parts in the form of separate files or addressable file fragments. For example, the units may include individual files, groups of files, or file fragments including, e.g., HTML tags, XML nodes and elements, word processing pages, spreadsheet cells, presentation slides, an electronic object containing drawings, an electronic object having video capabilities, etc., and/or combinations of different types of file parts. In some examples, a composite document may be a folder, container, grouping, or other data structure.
- In one example, a composite document may be publicly-posted, e.g., at a public location or on a public server, or with a public level of access. For example, a composite document may be on a public server but not be publicly accessible, or vice versa. In another example, a composite document may be used, e.g., privately or internally within an enterprise, and/or in mixed workflows (inter or intra-organization).
- Referenced locations such as a URI within a composite document may eliminate redundant downloads and uploads, reducing overall traffic and improving propagation of a composite document along a workflow. Referenced locations may also restrict unnecessary downloads of content-parts for which a particular workflow participant (or "participant" or "user") does not have read access, or in the case where a participant does not have a device that qualifies for access to a content-part, such as a device incapable of accessing a particular file type such as a multimedia file. Referenced locations may also provide immediate access to some elements of a composite document, i.e., a Table of Contents, while downloading other content-parts successively or at a later time, e.g., when needed or when requested. Referenced locations may also allow for editing of content-parts amongst workflow participants without the exchange of, e.g., embedded content-parts. Referenced locations may also allow for versioning, or version-dependent access, where the policy permits access to a certain version for a particular workflow participant, e.g., a beta document for an employee or developer, while a stable version is accessed by an end-user.
- In an example, various attributes, either of a particular participant or particular composite document, may be used to determine if a referenced location is downloaded immediately upon access to the composite document or, e.g., only when a participant requests access to the particular content-part. Such attributes may relate to, for example, a loading preference (e.g., "lazy loading" or "eager loading"); whether a participant has read and/or write access; device qualifications, e.g., whether a participant's device is capable of downloading particular content-part stored in a referenced location. According to the invention, a determination on the bandwidth qualifications, e.g., whether a participant's network connection is capable of downloading a particular content-part stored in a referenced location, is used.
- FIG. 1 illustrates a simplified block diagram of a digital document workflow, according to an example of the present disclosure. It should be understood that the diagram depicted in FIG. 1 represents a generalized illustration and that other components may be added, or existing components may be removed, modified, or rearranged without departing from the overall scope of the digital document workflow.
- The digital document workflow, in an example, includes a digital document 102, an authoring environment 106, a composite document 108, participants 120a-n, and referenced locations 118a-n. Referenced locations 118a-n are depicted as URIs, but as mentioned previously, may be a URI, a file path, or other pointer to data external to the composite document, i.e., data not embedded into the composite document.
- Composite document 108 contains secure content-parts 110a-n and encrypted key-map entries in a key map table 112. As used herein, the term "secure" is intended to denote that the content-parts 110a-n and the key-map entries in the key map table 112 are encrypted and/or signed.
- The key map table 112 may comprise one or more rows for each resource, e.g., each content-part. For example, key map table 112 may include rows for a content-part that is embedded, referenced, and embedded and/or referenced. A type field may be used in key map table 112 to define whether a particular row relates to a content-part that is embedded or referenced, and permissions may indicate the read, write, or modify access level for a particular content-part. Permissions or access controls may be expressed in key map table 112. Key map table 112 may include fields such as a user ID, a part ID, a type, a signature verification key, a decryption key, an encryption key, and/or a signature key.
- Key map table 112 represents permissions that allow a participant with read-only access to read a URI and retrieve a content-part; allow a participant with read/write access to a URI to modify a URI to place a content-part into a new location; allow a participant with read/write access to a content-part only to modify a content-part but not a URI; allow a participant with read/write access to a URI only to modify a URI but not a content-part; allow a participant with read/write access to a URI to export a referenced resource; or allow a participant with read/write access to a URI to convert a referenced resource into an embedded content-part.
- Content-parts 104a-n, in an example, may represent individually addressable or separable elements within digital document 102. For example, content-parts 104a-n may be lines, paragraphs, text boxes, cells, rows, columns, graphics, or other objects such as a fillable text field or signature box. The content-parts 104a-n may also be extended to the byte level, for instance, as different elements of the same file. As another example, the content-parts 104a-n may comprise logical aggregations of parts from multiple digital documents.
- Each of content-parts 104a-n may be stored within the digital document 102 or on, e.g., a computer, server, web server, storage device, cloud service, or other device or service external to the digital document 102.
- In an example, authoring environment 106 may package, encrypt, and sign the content-parts 104a-n of digital document 102 such that participants 120a-n are unable to access the resulting secure content-parts 110a-n (in master form) unless the participants 120a-n have the appropriate keys to access the secure content-parts 110a-n (in distribution form). More specifically, authoring environment 106 may generate, or derive, needed encryption and signature keys to encrypt and sign the content-parts 104a-n into secure content-parts 110a-n. Moreover, in an example, participants 120a-n may be required to use different sets of keys to read and/or write to composite document 108.
- In addition, authoring environment 106 creates or generates referenced locations, e.g., URIs, for content-parts 110a-n that are, or will be, stored external to composite document 108 instead of embedded. Authoring environment 106 may also allow for the creation or editing of attributes associated with a particular referenced location for a content-part, such as loading attributes, and may embed such attributes into the composite document 108. Loading attributes, such as whether or not to immediately display a content-part, may be stored, e.g., in the composite document, or external to the composite document.
- Referenced locations, e.g., a URI such as URIs 118a-n, may be stored in content-parts 110a-n, or within a table or other storage mechanism associated with content-parts 110a-n which may be resolved, e.g., with a pointer. For example, a content-parts 110a-n table may comprise a part ID, a part name, a referenced location such as a URI (or the embedded data, if not a referenced resource), and at least one signature.
- Composite document 108 comprises encrypted key-map entries in a key map table 112. Access, including read/write permissions, to secure content-parts 110a-n by participants 120a-n may be controlled through distribution of various sets of keys contained in respective key-map entries in key map table 112 for the participants. More particularly, a subset of the entries may be contained in key-map entries within a composite document, with at least one key-map entry for each participant.
- Data stored in entry table 114 and signatures 116 may comprise additional information needed to decrypt, encrypt, verify, or otherwise authenticate secure content-parts of composite document 108. As mentioned above, the various secure content-parts may be combined together through various serialization mechanisms, such as a Java jar-archive, an HP DLF file, or other file types.
- Participants 120a-n may represent computing devices through which participants 120a-n receive or initially access a composite document 108. When granted sufficient access, participants 120a-n may also view, edit, copy, print, and/or acknowledge receipt of a composite document 108. The computing devices may comprise, for instance, personal computers, desktop computers, laptop computers, tablet computers, personal digital assistants, cellular telephones, smartphones, retail points of sale, workstations, gaming devices, scientific instruments, and consumer electronic devices.
- Composite document 108 may be supplied to and among the participants 120a-n through, for instance, e-mail, a shared server, direct file transfer, removable storage medium, or cloud service, etc. Referenced locations, e.g., URIs 118a-n, may be accessed directly by the composite document 108, or may be accessed via a secure content manager, e.g., the secure content manager 220 of FIG. 2 discussed in more detail below.
- FIG. 2 illustrates a simplified block diagram of a digital document system including an authoring environment, a secure content manager, and referenced content-parts, according to an example of the present disclosure.
- It should be understood that the block diagram depicted in FIG. 2 represents generalized illustrations and that other components may be added, or existing components removed, modified, or rearranged, without departing from the scope of the systems of FIG. 2.
- As shown in FIG. 2, authoring environment 106, discussed above, may include, in an example, a user interface module 210, a document serialization module 212, an encryption module 214, a signing module 216, and a key generation module 218. Aside from the other operations of an authoring environment, including those discussed herein, the modules may support a user interface, serializing content-parts of a composite document into a composite document, encrypting content-parts or an entire composite document, signing content-parts or an entire composite document, and generating keys for use in a composite document.
- Secure content manager 220 allows participants 120a-n to access secure content-parts of a composite document 108. For example, secure content manager 220 may comprise or include a front-end software tool or graphical user interface ("GUI") for accessing a composite document 108.
- Secure content manager 220 receives a composite document 108 through the workflow of participants 120a-n. It will be understood that secure content manager 220 may be positioned between any of the participants 120a-n in the workflow as well as between multiple participants 120a-n.
- It will also be understood that, in an example, secure content manager 220 may receive composite document 108 more than once during a workflow, as is the case for participants 120a-n. In contrast to participants 120a-n, however, the secure content manager 220 need not read or edit the secure content-parts 110a-n of the composite document 108.
- Secure content manager 220 may authenticate a participant; establish a corresponding trusted public key for a participant; function as a document security and safety checkpoint; backup the composite document 108 at various points along the workflow; timestamp the composite document 108 at various points along the workflow; scan a part of the composite document 108 that is exclusively accessible by the secure content manager 220 to determine if composite document 108 is in compliance with the security compliance rules; and perform other functions between authoring environment 106, participants 120a-n, and referenced location servers 118a-n.
- In an example, secure content manager 220 may also access or read attributes relating to whether location references are to be created or, once created, whether they are to be accessed or loaded. In various examples, different attributes may be assigned for each participant 120a-n, for different groups of participants, or for all workflow participants. Attributes can be joined by OR/AND operators, or may default to an AND operator. Secure content manager 220 may also access key map table 112 to determine read/write access or permission levels for a particular participant or content-part.
- Secure content manager 220 may include, in an example, a user interface module 222, a document read/write module 224, an encryption/decryption module 226, a document supplying module 228, a key access module 230, and a signature/verification module 232. Aside from the other operations of a secure content manager, including those discussed herein, the modules may support a user interface, reading and writing or re-writing content-parts of a composite document into a composite document after editing, encrypting and decrypting content-parts or an entire composite document, supplying or presenting content-parts or an entire composite document, accessing keys for use in a composite document, and/or signing or verifying.
- Referenced location servers 118a-n, in an example, may include any content-parts referenced in a composite document 108. For example, referenced location server 118a may be a web server, shared storage, a sharing service, or online cloud storage for storing a document, while referenced location server 118b may be a media server storing a movie file. In one example, referenced location server 118c may store Flash content which may, or may not, be playable on a particular participant device, as discussed below in more detail. It will be understood that the referenced location servers 118a-n may comprise disk storage systems or arrays, or other storage, functioning as data servers.
- The authoring environment 106, secure content manager 220, and referenced location servers 118a-n may be implemented and/or executed by a respective processor or processors 202, which may be coupled to one or more memories 204, input apparatus 206, and input/output interfaces 208. Thus, for instance, authoring environment 106 may comprise an integrated and/or add-on hardware device of a computing device comprising a processor 202. As another example, the secure content manager 220 may comprise a computer readable storage device upon which machine readable instructions for each of the modules 222-232 are stored and executed by a processor 202, which may be coupled to a memory 204.
- In an example, referenced location servers 118a-n may comprise a hard disk or solid state disk, or volatile and/or non-volatile memory, such as DRAM, EEPROM, MRAM, phase change RAM (PCRAM), Memristor, and flash memory, etc.
- The authoring environment 106, secure content manager 220, and referenced location servers 118a-n may communicate directly with each other, or through input/output interfaces, e.g., interfaces 208, through the use of tokens or keys, or other means of digital communication.
- FIG. 3 illustrates a flow diagram of a method for storing content-parts for a composite document, according to an example of the present disclosure.
- In an example, in block 302, a new content part, e.g., content part 104a-n, is created or imported by, e.g., authoring environment 106. In block 304, new keys are created for the content part by, e.g., secure content manager 220. In block 306, the content part is encrypted and signed by, e.g., secure content manager 220, using, e.g., a part-specific key.
- In block 308, a determination is made as to whether sufficient information has been received to determine a preferred storage location for the new content part. In an example, secure content manager 220 can store the content part within the composite document 108 by, e.g., embedding it into composite document 108, or secure content manager 220 can store the content-part externally, e.g., on a server or other location, and store only a referenced location to the resource in composite document 108. The decision of block 308 may be based on known attributes of either composite document 108 or attributes related to any of workflow participants 120a-n.
- In block 310, if sufficient information is not available to determine where to store a new content part, the storage may be suspended, e.g., secure content manager 220 may store the content-part locally in a temporary location. In such a case, flow may return to block 308 when sufficient information is available to determine where to store a new content part.
- In block 312, if sufficient information is available to determine where to store a new content part, flow may proceed to either block 314, where content-parts are stored external to composite document 108, or to block 322, where content-parts are embedded in composite document 108.
- In block 314, for content-parts that are stored external to composite document 108, e.g., on referenced location servers 118a-n, a URI location is determined. In an example, a location may be determined based on attributes such as locations that are accessible to all workflow participants requiring access to a particular content-part. For example, it may be determined that storing a content part in London is a suitable location for workflow participants determined to be located throughout Europe. In another example, content-parts that only need to be accessed within a business organization may be at an internal URI.
- In block 316, the URI of the determined location is encrypted and signed. For example, the URI may be a uniform resource locator of a particular website including a prefix, a website name, and a top-level domain, and/or a file path with or without variables such as a username, password, or unique identifier, etc. within the string. In an example, the table of content-parts 110a-n is then updated in block 318 with a part ID, a part name, the URI, and at least one signature, e.g., the URI signature and the part signature. In block 320, the encrypted content-part is then stored in the reference location, e.g., at URI location 118a-n. In some examples, the content-part may not be encrypted, e.g., when a particular content-part is not confidential.
- In block 322, for content-parts that are embedded into composite document 108, the content-part is embedded along with a signature for the content part. In an example, the table of content-parts 110a-n is updated with a part ID, a part name, the embedded data, and at least one signature.
- FIG. 4 illustrates a flow diagram of a method for accessing content-parts of a composite document, according to an example of the present disclosure. In block 402, a composite document 108 is received or accessed by, e.g., secure content manager 220 following, e.g., a request from a workflow participant.
- In block 404, a determination is made as to whether the authenticity of the composite document 108 may be verified. Verification of authenticity may be based on, e.g., a signature or other means of verification. If the authenticity cannot be verified, secure content manager may not attempt to open composite document 108, and in block 406 an error message or other indication may be displayed or transmitted to a workflow participant. In some examples, verification of authenticity may not be required. In such examples, a participant may be prompted to specify whether the participant wishes to open the composite document that has not been authenticated.
- In block 408, if the authenticity of composite document 108 can be verified, processing continues for each of the content-parts in composite document 108 based on whether a content-part is referenced or embedded. It will be understood that elements of FIG. 4 may loop for composite documents that contain more than one content-part.
- In block 410, for each content-part that is a referenced resource, e.g., stored external to composite document 108, in an example, a determination is made as to whether the workflow participant has access to the content-part, e.g., whether the URI can be decrypted with a corresponding content-part key provided to a workflow participant within the participant's key-map file. If the URI cannot be decrypted, the flow returns to block 408.
- If the URI can be decrypted, flow continues to block 412 where a determination is made as to whether the content-part associated with the URI is to be immediately displayed or transmitted to the workflow participant. If the content-part associated with the URI is not to be immediately displayed, e.g., if the workflow participant will access the content-part associated with the URI at a later time, flow returns to block 408. In some examples, defaults may be set for a particular device. For example, a participant's mobile device may be set to not display any content-parts by default, or to not display certain file types, e.g., multimedia clips, immediately.
- A determination as to whether a referenced content-part is to be immediately displayed may be based on an attribute, such as composite document or workflow participant attributes, e.g., detailed read/write/access permissions, available bandwidth, or device settings or capabilities. In other words,
secure content manager 220, in an example, downloads only the referenced location content-parts necessary for aparticular participant 120a-n. Such an attribute may be deemed either "lazy loading" and/or "eager loading" in some examples to, e.g., optimize bandwidth usage and efficiency. Such efficiencies may be particularly critical in a mobile environment, and/or when a composite document contains both text and heavy use of multimedia. - For example, with either embedded or referenced resources, a determination may be made as to whether a device of a workflow participant is configured to receive, process, display, execute, or "play" a particular content-part. According to one example, if the content-part is a Flash movie, the
secure content manager 220 may determine if theparticipant device 120a-n is capable of playing Flash movies. If not, the reference may not be accessed, downloaded, or loaded. - In the event that the content-part associated with a URI is to be immediately displayed, the content-part is retrieved or fetched from the URI in
block 414 and displayed in block 416. In some examples, the content-part is decrypted after being fetched. It will be understood that the URI itself may be a referenced location, reflector mechanism, automatic redirect, or other referral mechanism, such that the URI location fetches content from other sources and returns the fetched content to secure content manager 220.

In block 422, a participant's key map table is checked to determine if a participant has write access to either the content-part, the URI, or both. If so, a participant may edit the content part, the URI, or both in block 424. In one example, a participant with write access to a URI may convert an embedded content-part into a referenced resource, e.g., using the process for creating a referenced resource discussed above. In another example, a participant with write access may convert a referenced resource into an embedded content-part by deleting a URI and embedding the content-part accordingly. In yet another example, a participant with write access to a URI may modify a URI with a new referenced resource location, moving the content-part to the new referenced resource location. In cases where the participant does not have write access, flow may proceed to block 426.

In block 418, for each content-part that is an embedded resource, e.g., stored internal to composite document 108, in an example, a determination is made as to whether the workflow participant has access to the content-part, e.g., whether the content-part can be decrypted with a key of the workflow participant. If the content-part cannot be decrypted, the flow returns to block 408.

If the content-part can be decrypted, flow continues to block 420 where a determination is made as to whether the content-part is to be immediately displayed or transmitted to the workflow participant. If the content-part is not to be immediately displayed, e.g., if the workflow participant will access the content-part at a later time, flow returns to block 408. In the event that the content-part is to be immediately displayed, the content-part is displayed in block 416.

As above, a determination as to whether an embedded content-part is to be immediately displayed may be based on an attribute, such as composite document or workflow participant attributes. In other words, secure content manager 220, in an example, opens only the referenced location content-parts necessary for a particular participant 120a-n. Similarly, as above, flow may proceed to block 422 for editing if a participant has write access.
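The following sketch is an added example, not code from the patent: it walks one referenced content-part through blocks 412 to 424 using a participant's key-map entry, and checks authenticity with a verification key from that entry before decrypting, as the claims describe. The `PartKeys` fields, the `min_kbps` threshold, the URIs, the in-memory server and the hash-based cipher and HMAC primitives are assumptions chosen so that it runs with the Python standard library alone.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Callable, Optional

# Stand-in primitives (assumption, stdlib only): a hash-based stream cipher and
# HMAC. A deployment would use an AEAD cipher and asymmetric signatures, so
# that holding a verification key does not allow signing.
def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

@dataclass
class Sealed:
    nonce: bytes
    ct: bytes
    tag: bytes

def seal(enc_key: bytes, sign_key: bytes, nonce: bytes, plain: bytes) -> Sealed:
    ct = xor_stream(enc_key, nonce, plain)
    return Sealed(nonce, ct, hmac.new(sign_key, nonce + ct, hashlib.sha256).digest())

def unseal(dec_key: bytes, verify_key: bytes, s: Sealed) -> bytes:
    expected = hmac.new(verify_key, s.nonce + s.ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, s.tag):   # verify before decrypting
        raise ValueError("authenticity check failed")
    return xor_stream(dec_key, s.nonce, s.ct)

@dataclass
class PartKeys:
    """One participant's key-map entry for one referenced content-part (hypothetical layout)."""
    loc_dec: bytes                    # decrypts the referenced resource location
    loc_verify: bytes                 # verifies the stored location
    res_dec: bytes                    # decrypts the fetched resource
    res_verify: bytes                 # verifies the fetched resource
    loc_sign: Optional[bytes] = None  # present only with write access to the URI

@dataclass
class ReferencedPart:
    location: Sealed                  # encrypted URI stored in the composite document
    min_kbps: int                     # hypothetical attribute for bandwidth qualification

def open_part(part: ReferencedPart, keys: Optional[PartKeys], bandwidth_kbps: int,
              fetch: Callable[[str], Sealed]) -> dict:
    if keys is None:                  # no key-map entry: no access to this part
        return {"uri": None, "content": None, "editable": False}
    uri = unseal(keys.loc_dec, keys.loc_verify, part.location).decode()
    content = None
    if bandwidth_kbps >= part.min_kbps:                              # block 412
        content = unseal(keys.res_dec, keys.res_verify, fetch(uri))  # block 414
    return {"uri": uri, "content": content,
            "editable": keys.loc_sign is not None}                   # block 422

def edit_location(part: ReferencedPart, keys: PartKeys, new_uri: str, nonce: bytes) -> None:
    if keys.loc_sign is None:
        raise PermissionError("key-map entry grants no write access to the URI")
    part.location = seal(keys.loc_dec, keys.loc_sign, nonce, new_uri.encode())  # block 424

def demo() -> dict:
    # Constructed sample data: keys, URIs and an in-memory "server".
    k_loc, s_loc, k_res, s_res = (hashlib.sha256(x).digest()
                                  for x in (b"kl", b"sl", b"kr", b"sr"))
    editor = PartKeys(k_loc, s_loc, k_res, s_res, loc_sign=s_loc)
    # Read-only entry. With the HMAC stand-in the verify key equals the sign
    # key; an asymmetric scheme would hand the reviewer only the public half.
    reviewer = PartKeys(k_loc, s_loc, k_res, s_res)
    old, new = "https://a.example/part1", "https://b.example/part1"
    resource = seal(k_res, s_res, b"n-res", b"Q3 figures")
    server = {old: resource, new: resource}
    part = ReferencedPart(seal(k_loc, s_loc, b"n-loc-1", old.encode()), min_kbps=512)

    out = {"editor": open_part(part, editor, 2000, server.__getitem__),
           "reviewer_slow": open_part(part, reviewer, 64, server.__getitem__),
           "outsider": open_part(part, None, 2000, server.__getitem__)}
    try:
        edit_location(part, reviewer, new, b"n-loc-2")
        out["reviewer_edit"] = "allowed"
    except PermissionError:
        out["reviewer_edit"] = "denied"
    edit_location(part, editor, new, b"n-loc-2")      # editor moves the resource
    out["after_move"] = open_part(part, reviewer, 2000, server.__getitem__)
    # The new location now returns modified ciphertext: the fetch must fail closed.
    server[new] = Sealed(resource.nonce, bytes([resource.ct[0] ^ 1]) + resource.ct[1:],
                         resource.tag)
    try:
        open_part(part, reviewer, 2000, server.__getitem__)
        out["tampered"] = "accepted"
    except ValueError:
        out["tampered"] = "rejected"
    return out

if __name__ == "__main__":
    print(demo())
```

Because the URI may be a redirect or other referral mechanism, the check on the fetched bytes, not the location they came from, is what ties the content to the composite document.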
FIG. 5 illustrates a schematic representation of a computing device that may be used as a platform for implementing or executing at least one of the processes depicted in FIGS. 3 and 4, according to examples of the present disclosure.

Some or all of the operations set forth in the figures may be contained as a utility, program, or subprogram, in any desired computer readable storage medium. In addition, the operations may be embodied by machine-readable instructions. For example, they may exist as machine-readable instructions in source code, object code, executable code, or other formats. Any of the above may be embodied on a computer readable storage medium, which include storage devices.

Examples of computer readable storage media include conventional computer system RAM, ROM, EPROM, EEPROM, and magnetic or optical disks or tapes. Concrete examples of the foregoing include distribution of the programs on a CD ROM or via Internet download. It is therefore to be understood that any electronic device capable of executing the above-described functions may perform those functions enumerated above.

Computing device 500 may represent a computing device that comprises authoring environment 106, secure content manager 222, and/or referenced location servers 118a-n. The device 500 may include a processor 502 such as a central processing unit; a display device 504, such as a monitor or other digital display; a network interface 506, such as a Local Area Network LAN card, a wireless 802.11x LAN card, a 3G or 4G mobile WAN or a WiMax WAN card; and a computer-readable medium 508. Each of these components may be operatively coupled to a bus 510. For example, the bus 510 may be an EISA, a PCI, a USB, a FireWire, a NuBus, or a PDS.

The computer readable medium 508 may be any suitable medium that participates in providing instructions to the processor(s) 502 for execution. For example, the computer readable medium 508 may be non-volatile media, such as an optical or a magnetic disk, or volatile media, such as memory. Transmission media can also take the form of acoustic, light, or radio frequency waves. The computer readable medium 508 may also store other machine-readable instructions.

The computer-readable medium 508 may also store an operating system 512, such as Microsoft Windows, Mac OS, Unix, or Linux; network applications 514; and an access management application 516 such as secure content manager 220. The operating system 512 may be multi-user, multiprocessing, multitasking, multithreading, real-time, and the like. The operating system 512 may also perform basic tasks, such as recognizing input from input devices, such as a keyboard or a keypad; sending output to the display 504; keeping track of files and directories on medium 508; controlling peripheral devices, such as drives, printers, or image capture devices; and managing traffic on the bus 510. The network applications 514 may include various components for establishing and maintaining network connections, such as machine readable instructions for implementing communication protocols including TCP/IP, HTTP, Ethernet, USB, and FireWire.

The authoring environment 106, secure content manager 220, and/or referenced location servers 110a-n provide various machine readable instructions for managing access to secure content, as described above. In certain examples, some or all of the processes performed may be integrated into the operating system 512. In certain examples, the processes may be at least partially implemented in digital electronic circuitry, in computer hardware, in machine readable instructions (such as firmware and/or software), or in any combination thereof.

What has been described and illustrated herein are various examples of the present disclosure along with some of their variations. The terms, descriptions and figures used herein are set forth by way of illustration only and are not meant as limitations. Many variations are possible within the scope of the present disclosure, wherein the present invention is specified by the appended independent claims.
Claims (13)
- A method of accessing a composite document (108) containing one or more content-parts (110a-n) that have been encrypted and a key-map table (112) with encrypted key-map entries, wherein access, including read/write permissions, to content-parts (110a-n) by participants (120a-n) may be controlled through distribution of various sets of keys contained in respective key-map entries in the key-map table (112) for the participants (120a-n), said method comprising:
  - receiving (402), on a computer system (500), a composite document (108) with at least one referenced resource location (118a-118n) as a content-part;
  - decrypting the referenced resource location using a key from the key-map table (112);
  - determining (412) whether the referenced resource location requires loading, wherein determining whether the referenced resource location requires loading comprises determining participant bandwidth qualification; and
  - determining (422) whether the referenced resource location is editable by reading the key-map table (112) to determine write permissions for a participant, wherein, (i) in the event that the referenced resource location requires loading, fetching the referenced resource from the referenced resource location and decrypting the referenced resource (414), and (ii) in the event that the referenced resource location is editable, editing the referenced resource location (424).
- The method according to claim 1, wherein editing the referenced resource location comprises modifying a uniform resource identifier, URI, and/or modifying a file path.
- The method according to any of the preceding claims, wherein editing the referenced resource location comprises moving the referenced resource location.
- The method according to any of the preceding claims, wherein editing the referenced resource location comprises deleting the referenced resource location and embedding the referenced resource into the composite document.
- The method according to any of the preceding claims, wherein determining whether the referenced resource location requires loading comprises determining participant device qualification.
- The method according to any of the preceding claims, wherein the authenticity of the referenced resource is verified using a signature verification key from the key-map table (112) for the referenced resource.
- A computer system comprising:
  - an authoring module (106) configured to define a referenced resource location (118a-118n) in a composite document (108) and editing permissions for the referenced resource location, the composite document (108) containing one or more content-parts (110a-n) that have been encrypted and a key-map table (112) with encrypted key-map entries, wherein access, including read/write permissions, to content-parts (110a-n) by participants (120a-n) may be controlled through distribution of various sets of keys contained in respective key-map entries in the key-map table (112) for the participants (120a-n);
  - a content module (220) configured to receive, from a workflow participant (120a-n), at least one request to access a composite document (108), to decrypt, using a key from the key-map table (112), the referenced resource location, to determine whether the referenced resource location requires loading, and to determine whether the referenced resource location is editable, wherein determining whether the referenced resource location requires loading comprises determining participant bandwidth qualification, wherein determining whether the referenced resource location is editable comprises reading a key-map table (112) to determine permissions for the participant;
  - a communications module configured to fetch the referenced resource from the referenced resource location;
  - an editing module configured to edit the referenced resource location; and
  - a processor (202, 502) configured to implement the authoring module, the content module, the communications module, and the editing module.
- The system according to claim 7, wherein editing the referenced resource location comprises modifying a uniform resource identifier, URI.
- The system according to any of claims 7 or 8, wherein editing the referenced resource location comprises modifying a file path.
- The system according to any of claims 7 to 9, wherein editing the referenced resource location comprises moving the referenced resource location, and/or deleting the referenced resource location and embedding the referenced resource into the composite document.
- The system according to any of claims 7 to 10, wherein determining whether the referenced resource location requires loading comprises determining participant device qualification.
- The system according to any of claims 7 to 11, wherein the authenticity of the referenced resource is verified using a signature verification key from a participant key-map table (112) for the referenced resource.
- A non-transitory computer readable storage medium (204, 508) on which is embedded a computer program, said computer program to manage access to a secure content-part (110a-n) of a composite document (108), wherein the content-part (110a-n) has been encrypted, wherein the composite document (108) includes a key-map table (112) with encrypted key-map entries, wherein access, including read/write permissions, to content-parts (110a-n) by participants (120a-n) may be controlled through distribution of various sets of keys contained in respective key-map entries in the key-map table (112) for the participants (120a-n), said computer program comprising a set of instructions to:
  - receive, on a computer system (500), a composite document (108) with at least one referenced resource location (118a-118n);
  - decrypt the referenced resource location using a key from the key-map table (112);
  - determine whether the referenced resource location requires loading, wherein determining whether the referenced resource location requires loading comprises determining participant bandwidth qualification; and
  - determine whether the referenced resource location is editable by reading the key-map table (112) to determine write permissions for a participant, wherein, (i) in the event that the referenced resource location requires loading, fetching the referenced resource from the referenced resource location and decrypting the referenced resource, and (ii) in the event that the referenced resource location is editable, editing the referenced resource location.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2014/044955 WO2016003431A1 (en) | 2014-06-30 | 2014-06-30 | Composite document referenced resources |
Publications (3)
Publication Number | Publication Date |
---|---|
EP3161705A1 (en) | 2017-05-03 |
EP3161705A4 (en) | 2017-11-22 |
EP3161705B1 (en) | 2020-03-04 |
Family ID=55019781
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP14896681.5A Active EP3161705B1 (en) | 2014-06-30 | 2014-06-30 | Composite document referenced resources |
Country Status (5)
Country | Link |
---|---|
US (1) | US10205597B2 (en) |
EP (1) | EP3161705B1 (en) |
CN (1) | CN106462671B (en) |
TW (1) | TWI552015B (en) |
WO (1) | WO2016003431A1 (en) |
- 2014
  - 2014-06-30 US US15/308,324 patent/US10205597B2/en not_active Expired - Fee Related
  - 2014-06-30 CN CN201480080052.2A patent/CN106462671B/en not_active Expired - Fee Related
  - 2014-06-30 EP EP14896681.5A patent/EP3161705B1/en active Active
  - 2014-06-30 WO PCT/US2014/044955 patent/WO2016003431A1/en active Application Filing
- 2015
  - 2015-06-09 TW TW104118622A patent/TWI552015B/en not_active IP Right Cessation
Also Published As
Publication number | Publication date |
---|---|
CN106462671B (en) | 2019-07-02 |
CN106462671A (en) | 2017-02-22 |
US10205597B2 (en) | 2019-02-12 |
WO2016003431A1 (en) | 2016-01-07 |
EP3161705A4 (en) | 2017-11-22 |
EP3161705A1 (en) | 2017-05-03 |
TW201617948A (en) | 2016-05-16 |
TWI552015B (en) | 2016-10-01 |
US20170104599A1 (en) | 2017-04-13 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
| | PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
| | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
| | 17P | Request for examination filed | Effective date: 20161118 |
| | AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
| | AX | Request for extension of the european patent | Extension state: BA ME |
| | DAX | Request for extension of the european patent (deleted) | |
| | A4 | Supplementary search report drawn up and despatched | Effective date: 20171024 |
| | RIC1 | Information provided on ipc code assigned before grant | Ipc: H04L 9/30 20060101ALI20171018BHEP Ipc: H04L 29/08 20060101ALI20171018BHEP Ipc: G06F 21/10 20130101AFI20171018BHEP Ipc: H04L 9/14 20060101ALI20171018BHEP Ipc: H04L 29/06 20060101ALI20171018BHEP Ipc: G06Q 10/10 20120101ALI20171018BHEP Ipc: H04L 9/32 20060101ALI20171018BHEP |
| | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: EXAMINATION IS IN PROGRESS |
| | 17Q | First examination report despatched | Effective date: 20180723 |
| | RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. |
| | GRAP | Despatch of communication of intention to grant a patent | Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
| | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: GRANT OF PATENT IS INTENDED |
| | INTG | Intention to grant announced | Effective date: 20191022 |
| | GRAS | Grant fee paid | Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
| | GRAA | (expected) grant | Free format text: ORIGINAL CODE: 0009210 |
| | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE PATENT HAS BEEN GRANTED |
| | AK | Designated contracting states | Kind code of ref document: B1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
| | REG | Reference to a national code | Ref country code: GB Ref legal event code: FG4D |
| | REG | Reference to a national code | Ref country code: CH Ref legal event code: EP |
| | REG | Reference to a national code | Ref country code: AT Ref legal event code: REF Ref document number: 1241207 Country of ref document: AT Kind code of ref document: T Effective date: 20200315 |
| | REG | Reference to a national code | Ref country code: DE Ref legal event code: R096 Ref document number: 602014062021 Country of ref document: DE |
| | REG | Reference to a national code | Ref country code: IE Ref legal event code: FG4D |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: RS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: FI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: NO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200604 |
| | REG | Reference to a national code | Ref country code: NL Ref legal event code: MP Effective date: 20200304 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200605 Ref country code: BG Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200604 Ref country code: HR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: LV Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: SE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 |
| | REG | Reference to a national code | Ref country code: LT Ref legal event code: MG4D |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: NL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: SM Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: SK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: RO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: IS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200704 Ref country code: EE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: PT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200729 Ref country code: ES Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: CZ Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: LT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 |
| | REG | Reference to a national code | Ref country code: AT Ref legal event code: MK05 Ref document number: 1241207 Country of ref document: AT Kind code of ref document: T Effective date: 20200304 |
| | REG | Reference to a national code | Ref country code: DE Ref legal event code: R097 Ref document number: 602014062021 Country of ref document: DE |
| | PLBE | No opposition filed within time limit | Free format text: ORIGINAL CODE: 0009261 |
| | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: MC Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: AT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: DK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: IT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 |
| | REG | Reference to a national code | Ref country code: CH Ref legal event code: PL |
| | 26N | No opposition filed | Effective date: 20201207 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: SI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: PL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: LU Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20200630 |
| | REG | Reference to a national code | Ref country code: BE Ref legal event code: MM Effective date: 20200630 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: FR Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20200630 Ref country code: LI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20200630 Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20200630 Ref country code: IE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20200630 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: BE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20200630 |
| | PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] | Ref country code: DE Payment date: 20201214 Year of fee payment: 8 |
| | PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] | Ref country code: GB Payment date: 20210519 Year of fee payment: 8 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: TR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: MT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: CY Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: MK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 Ref country code: AL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20200304 |
| | REG | Reference to a national code | Ref country code: DE Ref legal event code: R119 Ref document number: 602014062021 Country of ref document: DE |
| | GBPC | Gb: european patent ceased through non-payment of renewal fee | Effective date: 20220630 |
| | PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: GB Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20220630 Ref country code: DE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20230103 |